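Abstract
This paper discusses the common manifestations of buffer overflows in C/C++ source programs; analyzes their characteristics and the mechanism by which they arise; proposes a method for static vulnerability detection that attaches security attributes to the AST of the source code; and discusses how the method is implemented.
The familiar representation of buffer overflow vulnerabilities is proposed. An analysis of the vulnerabilities' characteristics and how they work has been made. A method of adding safety rules to the source code's AST is presented for statically detecting such problems. The approach's work process is given.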
Source
《计算机工程与应用》
CSCD
Peking University Core Journal
2004, Issue 20, pp. 108-110 (3 pages)
Computer Engineering and Applications
Funding
Supported by the National Ministries and Commissions Pre-Research Fund